Do your data security plans include recovery contingencies for when you’re traveling?

I’ve long had a backup Plan Bfor when I’m traveling, but only recently did I have to execute it. I’m happy to say it worked, but I had occasion to seriously consider the best way to protect my work on an ongoing basis.

Here’s what happened. I was leaving on a business trip overseas. I’d packed my bags, filled up my iPad with movies to watch on the long flights, and made sure I had the business data I needed for my trip.

Just moments before my airport ride arrived, my laptop died.

I had my driver stop at a computer store while I ran inside and purchased a new laptop. There simply wasn’t enough time to try replacing the presumably dead hard drive. I unpacked the new laptop at the airport and shoved it into my bag. As soon as we were in the air, I pulled out the external hard drive on which I store my Time Machine backups. Fortunately, I’d made a new Time Machine backup earlier in the morning.

Before my plane was even out of U.S. air space, my new laptop was up and running, with all of the data and tools I needed for the trip.

But how secure was all of this? What if someone had stolen my Time Machine drive?

Here are eight tips for fellow frequent travelers that I pondered on my 15-hour flight to Tokyo.

My travel laptop only has the tools and data on it that I need for each trip I go on. I don’t have all my business data with me, for example. Before I leave, I grab the folders I need for that trip and copy them to my travel system. When I return, I update the files on my company server and securely remove them from my laptop.

Time Machine and other backup tools let you encrypt backups. I feel the need to go further, though. I encrypt my entire backup drive, and I never store the password for that drive. I use a very lengthy passphrase that only I know. Sure, it’s not the most convenient way to go, but I sure don’t want my own backups to be the means by which someone steals my work. The phrase “hoist by his own petard”isn’t one I take lightly (and, no, that’s not my passphrase).

I used to routinely close my laptop to put it in sleepmode when I wasn’t using it, but I’ve come to learn that’s not a good idea. On many laptops, there are Firewire, Thunderbolt or other data interfaces that were simply never intended to be secure. Data acquisition over these interfaces can quickly liberate a laptop of its data, even when the entire hard drive is encrypted.

When I connect to the Internet, whether via a hotspot on a wireless carrier or over a hotel’s Wi-Fi, the first thing I do is enable my VPN. Once on my VPN, all network traffic, including DNS name queries, rides over the VPN. This doesn’t provide perfect security, but I have a lot more faith in this approach than I do in, say, hotel network services.

When I am traveling, I’m generally staying in a hotel and going to client sites. I like to make frequent Time Machine backups, encrypted as I’ve described, and leave the Time Machine drive locked in my hotel safe. Sure, those safes are far from perfectly secure, but I still prefer having a backup that is not kept with my laptop. If my laptop bag were stolen, I wouldn’t want to lose the backup at the same time. If I retain the backup, I can still likely recover and continue with my work.

I use multiple Web browsers for different purposes, and on each of them, I block as much active content (e.g., JavaScript and Flash) as I can. That’s not just something I do when I travel, but I’m more diligent about it when I’m on the road.